General
Target: d4c958b5f69575622ab7559b07e7abe0.exe
Size: 370KB
Sample: 211120-xnpnfsgbh9
MD5: d4c958b5f69575622ab7559b07e7abe0
SHA1: 12d7244bcbf96d5a70cfe5f39271600a330334ac
SHA256: 25d0f96b71b8f658d323fd6c0a0ed6051a03b5374324f56ee420fab8f5f5cf97
SHA512: 9fd9e0ae57bb346a21992196ba5fdf3b0e684bf0c79fcc3319957f326719bffea1b928ebd2dcfaae94d37e01cda120cccc7a5af3e2d188e11f021d6e3f02b8ef
Static task
static1
Behavioral task
behavioral1
Sample
d4c958b5f69575622ab7559b07e7abe0.exe
Resource
win7-en-20211014
Malware Config
Extracted
formbook
4.1
ob7y
http://www.metanewsroom.net/ob7y/
Targets
-
-
Target
d4c958b5f69575622ab7559b07e7abe0.exe
-
Formbook Payload
-
Suspicious use of SetThreadContext
-